tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patrick Luby <>
Subject [PATCH] Fix for bug when running with -security option
Date Thu, 11 Oct 2001 20:13:15 GMT

Attached are patches to the following 2 files. If they are OK, these 2
patches should be applied to both the HEAD and tomcat_40_branch branches:


Basically, these patches fix a bug in
WebappClassLoader.getResourceAsStream() where, when Tomcat is run with the
-security option, a URL object is loaded into the resource cache using a
PrivilegedAction subclass and then the InputStream of that URL object is
opened without using a PrivilegedAction. This bug causes certain resource
files that are supposed to be accessible to a webapp to not be accessible.

Thanks to Remy for showing the patch needed to

View raw message